17c478bd9Sstevel@tonic-gate %{ 27663b816Sml37995 /* 37663b816Sml37995 * Copyright (C) 2003 by Darren Reed. 47663b816Sml37995 * 57663b816Sml37995 * See the IPFILTER.LICENCE file for details on licencing. 67663b816Sml37995 * 7ab25eeb5Syz155240 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 87663b816Sml37995 * Use is subject to license terms. 97663b816Sml37995 */ 107663b816Sml37995 117663b816Sml37995 #pragma ident "%Z%%M% %I% %E% SMI" 127663b816Sml37995 137c478bd9Sstevel@tonic-gate #include <sys/types.h> 147c478bd9Sstevel@tonic-gate #include <sys/time.h> 157c478bd9Sstevel@tonic-gate #include <sys/param.h> 167c478bd9Sstevel@tonic-gate #include <sys/socket.h> 177c478bd9Sstevel@tonic-gate #if defined(BSD) && (BSD >= 199306) 187c478bd9Sstevel@tonic-gate # include <sys/cdefs.h> 197c478bd9Sstevel@tonic-gate #endif 207c478bd9Sstevel@tonic-gate #include <sys/ioctl.h> 217c478bd9Sstevel@tonic-gate 227c478bd9Sstevel@tonic-gate #include <net/if.h> 237c478bd9Sstevel@tonic-gate #if __FreeBSD_version >= 300000 247c478bd9Sstevel@tonic-gate # include <net/if_var.h> 257c478bd9Sstevel@tonic-gate #endif 267c478bd9Sstevel@tonic-gate #include <netinet/in.h> 277c478bd9Sstevel@tonic-gate 287c478bd9Sstevel@tonic-gate #include <arpa/inet.h> 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate #include <stdio.h> 317c478bd9Sstevel@tonic-gate #include <fcntl.h> 327c478bd9Sstevel@tonic-gate #include <stdlib.h> 337c478bd9Sstevel@tonic-gate #include <string.h> 347c478bd9Sstevel@tonic-gate #include <netdb.h> 357c478bd9Sstevel@tonic-gate #include <ctype.h> 367c478bd9Sstevel@tonic-gate #include <unistd.h> 377c478bd9Sstevel@tonic-gate 387c478bd9Sstevel@tonic-gate #include "ipf.h" 397c478bd9Sstevel@tonic-gate #include "netinet/ip_lookup.h" 407c478bd9Sstevel@tonic-gate #include "netinet/ip_pool.h" 417c478bd9Sstevel@tonic-gate #include "netinet/ip_htable.h" 427c478bd9Sstevel@tonic-gate #include "ippool_l.h" 437c478bd9Sstevel@tonic-gate #include "kmem.h" 447c478bd9Sstevel@tonic-gate 457c478bd9Sstevel@tonic-gate #define YYDEBUG 1 467c478bd9Sstevel@tonic-gate 477c478bd9Sstevel@tonic-gate extern int yyparse __P((void)); 487c478bd9Sstevel@tonic-gate extern int yydebug; 497c478bd9Sstevel@tonic-gate extern FILE *yyin; 507c478bd9Sstevel@tonic-gate 517c478bd9Sstevel@tonic-gate static iphtable_t ipht; 527c478bd9Sstevel@tonic-gate static iphtent_t iphte; 537c478bd9Sstevel@tonic-gate static ip_pool_t iplo; 547c478bd9Sstevel@tonic-gate static ioctlfunc_t poolioctl = NULL; 557c478bd9Sstevel@tonic-gate static char poolname[FR_GROUPLEN]; 567663b816Sml37995 static int set_ipv6_addr = 0; 577c478bd9Sstevel@tonic-gate 587c478bd9Sstevel@tonic-gate %} 597c478bd9Sstevel@tonic-gate 607c478bd9Sstevel@tonic-gate %union { 617c478bd9Sstevel@tonic-gate char *str; 627c478bd9Sstevel@tonic-gate u_32_t num; 637c478bd9Sstevel@tonic-gate struct in_addr addr; 647c478bd9Sstevel@tonic-gate struct alist_s *alist; 657663b816Sml37995 union i6addr adrmsk[2]; 667c478bd9Sstevel@tonic-gate iphtent_t *ipe; 677c478bd9Sstevel@tonic-gate ip_pool_node_t *ipp; 687c478bd9Sstevel@tonic-gate union i6addr ip6; 697c478bd9Sstevel@tonic-gate } 707c478bd9Sstevel@tonic-gate 717c478bd9Sstevel@tonic-gate %token <num> YY_NUMBER YY_HEX 727c478bd9Sstevel@tonic-gate %token <str> YY_STR 737c478bd9Sstevel@tonic-gate %token YY_COMMENT 747c478bd9Sstevel@tonic-gate %token YY_CMP_EQ YY_CMP_NE YY_CMP_LE YY_CMP_GE YY_CMP_LT YY_CMP_GT 757c478bd9Sstevel@tonic-gate %token YY_RANGE_OUT YY_RANGE_IN 767c478bd9Sstevel@tonic-gate %token <ip6> YY_IPV6 777c478bd9Sstevel@tonic-gate 787c478bd9Sstevel@tonic-gate %token IPT_IPF IPT_NAT IPT_COUNT IPT_AUTH IPT_IN IPT_OUT 797c478bd9Sstevel@tonic-gate %token IPT_TABLE IPT_GROUPMAP IPT_HASH 807c478bd9Sstevel@tonic-gate %token IPT_ROLE IPT_TYPE IPT_TREE 817c478bd9Sstevel@tonic-gate %token IPT_GROUP IPT_SIZE IPT_SEED IPT_NUM IPT_NAME 827c478bd9Sstevel@tonic-gate %type <num> role table inout 837c478bd9Sstevel@tonic-gate %type <ipp> ipftree range addrlist 847c478bd9Sstevel@tonic-gate %type <adrmsk> addrmask 857c478bd9Sstevel@tonic-gate %type <ipe> ipfgroup ipfhash hashlist hashentry 867c478bd9Sstevel@tonic-gate %type <ipe> groupentry setgrouplist grouplist 877663b816Sml37995 %type <ip6> ipaddr mask ipv4 887c478bd9Sstevel@tonic-gate %type <str> number setgroup 897c478bd9Sstevel@tonic-gate 907c478bd9Sstevel@tonic-gate %% 917c478bd9Sstevel@tonic-gate file: line 927c478bd9Sstevel@tonic-gate | assign 937c478bd9Sstevel@tonic-gate | file line 947c478bd9Sstevel@tonic-gate | file assign 957c478bd9Sstevel@tonic-gate ; 967c478bd9Sstevel@tonic-gate 977c478bd9Sstevel@tonic-gate line: table role ipftree eol { iplo.ipo_unit = $2; 987c478bd9Sstevel@tonic-gate iplo.ipo_list = $3; 997c478bd9Sstevel@tonic-gate load_pool(&iplo, poolioctl); 1007c478bd9Sstevel@tonic-gate resetlexer(); 1017c478bd9Sstevel@tonic-gate } 1027c478bd9Sstevel@tonic-gate | table role ipfhash eol { ipht.iph_unit = $2; 1037c478bd9Sstevel@tonic-gate ipht.iph_type = IPHASH_LOOKUP; 1047c478bd9Sstevel@tonic-gate load_hash(&ipht, $3, poolioctl); 1057c478bd9Sstevel@tonic-gate resetlexer(); 1067c478bd9Sstevel@tonic-gate } 1077c478bd9Sstevel@tonic-gate | groupmap role number ipfgroup eol 1087c478bd9Sstevel@tonic-gate { ipht.iph_unit = $2; 1097c478bd9Sstevel@tonic-gate strncpy(ipht.iph_name, $3, 1107c478bd9Sstevel@tonic-gate sizeof(ipht.iph_name)); 1117c478bd9Sstevel@tonic-gate ipht.iph_type = IPHASH_GROUPMAP; 1127c478bd9Sstevel@tonic-gate load_hash(&ipht, $4, poolioctl); 1137c478bd9Sstevel@tonic-gate resetlexer(); 1147c478bd9Sstevel@tonic-gate } 1157c478bd9Sstevel@tonic-gate | YY_COMMENT 1167c478bd9Sstevel@tonic-gate ; 1177c478bd9Sstevel@tonic-gate 1187c478bd9Sstevel@tonic-gate eol: ';' 1197c478bd9Sstevel@tonic-gate ; 1207c478bd9Sstevel@tonic-gate 1217c478bd9Sstevel@tonic-gate assign: YY_STR assigning YY_STR ';' { set_variable($1, $3); 1227c478bd9Sstevel@tonic-gate resetlexer(); 1237c478bd9Sstevel@tonic-gate free($1); 1247c478bd9Sstevel@tonic-gate free($3); 1257c478bd9Sstevel@tonic-gate } 1267c478bd9Sstevel@tonic-gate ; 1277c478bd9Sstevel@tonic-gate 1287c478bd9Sstevel@tonic-gate assigning: 1297c478bd9Sstevel@tonic-gate '=' { yyvarnext = 1; } 1307c478bd9Sstevel@tonic-gate ; 1317c478bd9Sstevel@tonic-gate 1327c478bd9Sstevel@tonic-gate table: IPT_TABLE { bzero((char *)&ipht, sizeof(ipht)); 1337c478bd9Sstevel@tonic-gate bzero((char *)&iphte, sizeof(iphte)); 1347c478bd9Sstevel@tonic-gate bzero((char *)&iplo, sizeof(iplo)); 1357c478bd9Sstevel@tonic-gate *ipht.iph_name = '\0'; 1367c478bd9Sstevel@tonic-gate iplo.ipo_flags = IPHASH_ANON; 1377c478bd9Sstevel@tonic-gate iplo.ipo_name[0] = '\0'; 1387c478bd9Sstevel@tonic-gate } 1397c478bd9Sstevel@tonic-gate ; 1407c478bd9Sstevel@tonic-gate 1417c478bd9Sstevel@tonic-gate groupmap: 1427c478bd9Sstevel@tonic-gate IPT_GROUPMAP inout { bzero((char *)&ipht, sizeof(ipht)); 1437c478bd9Sstevel@tonic-gate bzero((char *)&iphte, sizeof(iphte)); 1447c478bd9Sstevel@tonic-gate *ipht.iph_name = '\0'; 1457c478bd9Sstevel@tonic-gate ipht.iph_unit = IPHASH_GROUPMAP; 1467c478bd9Sstevel@tonic-gate ipht.iph_flags = $2; 1477c478bd9Sstevel@tonic-gate } 1487c478bd9Sstevel@tonic-gate ; 1497c478bd9Sstevel@tonic-gate 1507c478bd9Sstevel@tonic-gate inout: IPT_IN { $$ = FR_INQUE; } 1517c478bd9Sstevel@tonic-gate | IPT_OUT { $$ = FR_OUTQUE; } 1527c478bd9Sstevel@tonic-gate ; 1537c478bd9Sstevel@tonic-gate role: 1547c478bd9Sstevel@tonic-gate IPT_ROLE '=' IPT_IPF { $$ = IPL_LOGIPF; } 1557c478bd9Sstevel@tonic-gate | IPT_ROLE '=' IPT_NAT { $$ = IPL_LOGNAT; } 1567c478bd9Sstevel@tonic-gate | IPT_ROLE '=' IPT_AUTH { $$ = IPL_LOGAUTH; } 1577c478bd9Sstevel@tonic-gate | IPT_ROLE '=' IPT_COUNT { $$ = IPL_LOGCOUNT; } 1587c478bd9Sstevel@tonic-gate ; 1597c478bd9Sstevel@tonic-gate 1607c478bd9Sstevel@tonic-gate ipftree: 161ab25eeb5Syz155240 IPT_TYPE '=' IPT_TREE number start addrlist end 1627c478bd9Sstevel@tonic-gate { strncpy(iplo.ipo_name, $4, 1637c478bd9Sstevel@tonic-gate sizeof(iplo.ipo_name)); 164ab25eeb5Syz155240 $$ = $6; 1657c478bd9Sstevel@tonic-gate } 1667c478bd9Sstevel@tonic-gate ; 1677c478bd9Sstevel@tonic-gate 1687c478bd9Sstevel@tonic-gate ipfhash: 169ab25eeb5Syz155240 IPT_TYPE '=' IPT_HASH number hashopts start hashlist end 1707c478bd9Sstevel@tonic-gate { strncpy(ipht.iph_name, $4, 1717c478bd9Sstevel@tonic-gate sizeof(ipht.iph_name)); 172ab25eeb5Syz155240 $$ = $7; 1737c478bd9Sstevel@tonic-gate } 1747c478bd9Sstevel@tonic-gate ; 1757c478bd9Sstevel@tonic-gate 1767c478bd9Sstevel@tonic-gate ipfgroup: 177ab25eeb5Syz155240 setgroup hashopts start grouplist end 1787c478bd9Sstevel@tonic-gate { iphtent_t *e; 1797c478bd9Sstevel@tonic-gate for (e = $4; e != NULL; 1807c478bd9Sstevel@tonic-gate e = e->ipe_next) 1817c478bd9Sstevel@tonic-gate if (e->ipe_group[0] == '\0') 1827c478bd9Sstevel@tonic-gate strncpy(e->ipe_group, 1837c478bd9Sstevel@tonic-gate $1, 1847c478bd9Sstevel@tonic-gate FR_GROUPLEN); 1857c478bd9Sstevel@tonic-gate $$ = $4; 1867c478bd9Sstevel@tonic-gate } 187ab25eeb5Syz155240 | hashopts start setgrouplist end { $$ = $3; } 1887c478bd9Sstevel@tonic-gate ; 1897c478bd9Sstevel@tonic-gate 190ab25eeb5Syz155240 number: IPT_NUM '=' YY_NUMBER { snprintf(poolname, FR_GROUPLEN, "%u", $3); 1917c478bd9Sstevel@tonic-gate $$ = poolname; 1927c478bd9Sstevel@tonic-gate } 1937c478bd9Sstevel@tonic-gate | IPT_NAME '=' YY_STR { $$ = $3; } 1947c478bd9Sstevel@tonic-gate | { $$ = ""; } 1957c478bd9Sstevel@tonic-gate ; 1967c478bd9Sstevel@tonic-gate 1977c478bd9Sstevel@tonic-gate setgroup: 1987c478bd9Sstevel@tonic-gate IPT_GROUP '=' YY_STR { char tmp[FR_GROUPLEN+1]; 1997c478bd9Sstevel@tonic-gate strncpy(tmp, $3, FR_GROUPLEN); 2007c478bd9Sstevel@tonic-gate $$ = strdup(tmp); 2017c478bd9Sstevel@tonic-gate } 2027c478bd9Sstevel@tonic-gate | IPT_GROUP '=' YY_NUMBER { char tmp[FR_GROUPLEN+1]; 203ab25eeb5Syz155240 snprintf(tmp, FR_GROUPLEN, "%u", $3); 2047c478bd9Sstevel@tonic-gate $$ = strdup(tmp); 2057c478bd9Sstevel@tonic-gate } 2067c478bd9Sstevel@tonic-gate ; 2077c478bd9Sstevel@tonic-gate 2087c478bd9Sstevel@tonic-gate hashopts: 2097c478bd9Sstevel@tonic-gate | size 2107c478bd9Sstevel@tonic-gate | seed 2117c478bd9Sstevel@tonic-gate | size seed 2127c478bd9Sstevel@tonic-gate ; 2137c478bd9Sstevel@tonic-gate 2147c478bd9Sstevel@tonic-gate addrlist: 215ab25eeb5Syz155240 ';' { $$ = NULL; } 216f30f5fa1Sjojemann | range next addrlist { $1->ipn_next = $3; $$ = $1; } 2177663b816Sml37995 | range next { $$ = $1; } 218ab25eeb5Syz155240 | range 2197c478bd9Sstevel@tonic-gate ; 2207c478bd9Sstevel@tonic-gate 2217c478bd9Sstevel@tonic-gate grouplist: 222ab25eeb5Syz155240 ';' { $$ = NULL; } 223ab25eeb5Syz155240 | groupentry next grouplist { $$ = $1; $1->ipe_next = $3; } 2247663b816Sml37995 | addrmask next grouplist { $$ = calloc(1, sizeof(iphtent_t)); 2255e985db5Sschuster if ($$ == NULL) 2265e985db5Sschuster yyerror("sorry, out of memory"); 2277663b816Sml37995 if (set_ipv6_addr) 2287663b816Sml37995 $$->ipe_family = AF_INET6; 2297663b816Sml37995 else 2307663b816Sml37995 $$->ipe_family = AF_INET; 2317c478bd9Sstevel@tonic-gate bcopy((char *)&($1[0]), 2327c478bd9Sstevel@tonic-gate (char *)&($$->ipe_addr), 2337c478bd9Sstevel@tonic-gate sizeof($$->ipe_addr)); 2347c478bd9Sstevel@tonic-gate bcopy((char *)&($1[1]), 2357c478bd9Sstevel@tonic-gate (char *)&($$->ipe_mask), 2367c478bd9Sstevel@tonic-gate sizeof($$->ipe_mask)); 2377663b816Sml37995 set_ipv6_addr = 0; 238ab25eeb5Syz155240 $$->ipe_next = $3; 239ab25eeb5Syz155240 } 2407663b816Sml37995 | groupentry next { $$ = $1; } 2417663b816Sml37995 | addrmask next { $$ = calloc(1, sizeof(iphtent_t)); 2425e985db5Sschuster if ($$ == NULL) 2435e985db5Sschuster yyerror("sorry, out of memory"); 2447663b816Sml37995 if (set_ipv6_addr) 2457663b816Sml37995 $$->ipe_family = AF_INET6; 2467663b816Sml37995 else 2477663b816Sml37995 $$->ipe_family = AF_INET; 2487c478bd9Sstevel@tonic-gate bcopy((char *)&($1[0]), 2497c478bd9Sstevel@tonic-gate (char *)&($$->ipe_addr), 2507c478bd9Sstevel@tonic-gate sizeof($$->ipe_addr)); 2517c478bd9Sstevel@tonic-gate bcopy((char *)&($1[1]), 2527c478bd9Sstevel@tonic-gate (char *)&($$->ipe_mask), 2537c478bd9Sstevel@tonic-gate sizeof($$->ipe_mask)); 2547663b816Sml37995 set_ipv6_addr = 0; 2557c478bd9Sstevel@tonic-gate } 2567c478bd9Sstevel@tonic-gate ; 2577c478bd9Sstevel@tonic-gate 2587c478bd9Sstevel@tonic-gate setgrouplist: 259ab25eeb5Syz155240 ';' { $$ = NULL; } 260ab25eeb5Syz155240 | groupentry next { $$ = $1; } 2617663b816Sml37995 | groupentry next setgrouplist { $1->ipe_next = $3; $$ = $1; } 2627c478bd9Sstevel@tonic-gate ; 2637c478bd9Sstevel@tonic-gate 2647c478bd9Sstevel@tonic-gate groupentry: 2657c478bd9Sstevel@tonic-gate addrmask ',' setgroup { $$ = calloc(1, sizeof(iphtent_t)); 2665e985db5Sschuster if ($$ == NULL) 2675e985db5Sschuster yyerror("sorry, out of memory"); 2687663b816Sml37995 if (set_ipv6_addr) 2697663b816Sml37995 $$->ipe_family = AF_INET6; 2707663b816Sml37995 else 2717663b816Sml37995 $$->ipe_family = AF_INET; 2727c478bd9Sstevel@tonic-gate bcopy((char *)&($1[0]), 2737c478bd9Sstevel@tonic-gate (char *)&($$->ipe_addr), 2747c478bd9Sstevel@tonic-gate sizeof($$->ipe_addr)); 2757c478bd9Sstevel@tonic-gate bcopy((char *)&($1[1]), 2767c478bd9Sstevel@tonic-gate (char *)&($$->ipe_mask), 2777c478bd9Sstevel@tonic-gate sizeof($$->ipe_mask)); 2787663b816Sml37995 set_ipv6_addr = 0; 279ab25eeb5Syz155240 strncpy($$->ipe_group, $3, 280ab25eeb5Syz155240 FR_GROUPLEN); 281ab25eeb5Syz155240 free($3); 282ab25eeb5Syz155240 } 2837c478bd9Sstevel@tonic-gate ; 2847c478bd9Sstevel@tonic-gate 2857c478bd9Sstevel@tonic-gate range: addrmask { $$ = calloc(1, sizeof(*$$)); 2865e985db5Sschuster if ($$ == NULL) 2875e985db5Sschuster yyerror("sorry, out of memory"); 2887c478bd9Sstevel@tonic-gate $$->ipn_info = 0; 289ab25eeb5Syz155240 $$->ipn_addr.adf_len = sizeof($$->ipn_addr); 290ab25eeb5Syz155240 $$->ipn_mask.adf_len = sizeof($$->ipn_mask); 2917663b816Sml37995 if (set_ipv6_addr) { 2927663b816Sml37995 $$->ipn_addr.adf_family = AF_INET6; 2937663b816Sml37995 $$->ipn_addr.adf_addr = $1[0]; 2947663b816Sml37995 $$->ipn_mask.adf_addr = $1[1]; 2957663b816Sml37995 2967663b816Sml37995 } else { 2977663b816Sml37995 $$->ipn_addr.adf_family = AF_INET; 2987663b816Sml37995 $$->ipn_addr.adf_addr.in4.s_addr = $1[0].in4.s_addr; 2997663b816Sml37995 $$->ipn_mask.adf_addr.in4.s_addr = $1[1].in4.s_addr; 3007663b816Sml37995 } 3017663b816Sml37995 set_ipv6_addr = 0; 3027c478bd9Sstevel@tonic-gate } 3037c478bd9Sstevel@tonic-gate | '!' addrmask { $$ = calloc(1, sizeof(*$$)); 3045e985db5Sschuster if ($$ == NULL) 3055e985db5Sschuster yyerror("sorry, out of memory"); 3067c478bd9Sstevel@tonic-gate $$->ipn_info = 1; 307ab25eeb5Syz155240 $$->ipn_addr.adf_len = sizeof($$->ipn_addr); 308ab25eeb5Syz155240 $$->ipn_mask.adf_len = sizeof($$->ipn_mask); 3097663b816Sml37995 if (set_ipv6_addr) { 3107663b816Sml37995 $$->ipn_addr.adf_family = AF_INET6; 3117663b816Sml37995 $$->ipn_addr.adf_addr = $2[0]; 3127663b816Sml37995 $$->ipn_mask.adf_addr = $2[1]; 3137663b816Sml37995 } else { 3147663b816Sml37995 $$->ipn_addr.adf_family = AF_INET; 3157663b816Sml37995 $$->ipn_addr.adf_addr.in4.s_addr = $2[0].in4.s_addr; 3167663b816Sml37995 $$->ipn_mask.adf_addr.in4.s_addr = $2[1].in4.s_addr; 3177663b816Sml37995 } 3187663b816Sml37995 set_ipv6_addr = 0; 3197c478bd9Sstevel@tonic-gate } 3207c478bd9Sstevel@tonic-gate 3217c478bd9Sstevel@tonic-gate hashlist: 322ab25eeb5Syz155240 ';' { $$ = NULL; } 323ab25eeb5Syz155240 | hashentry next { $$ = $1; } 3247663b816Sml37995 | hashentry next hashlist { $1->ipe_next = $3; $$ = $1; } 3257c478bd9Sstevel@tonic-gate ; 3267c478bd9Sstevel@tonic-gate 3277c478bd9Sstevel@tonic-gate hashentry: 3287c478bd9Sstevel@tonic-gate addrmask { $$ = calloc(1, sizeof(iphtent_t)); 3295e985db5Sschuster if ($$ == NULL) 3305e985db5Sschuster yyerror("sorry, out of memory"); 3317663b816Sml37995 if (set_ipv6_addr) 3327663b816Sml37995 $$->ipe_family = AF_INET6; 3337663b816Sml37995 else 3347663b816Sml37995 $$->ipe_family = AF_INET; 3357c478bd9Sstevel@tonic-gate bcopy((char *)&($1[0]), 3367c478bd9Sstevel@tonic-gate (char *)&($$->ipe_addr), 3377c478bd9Sstevel@tonic-gate sizeof($$->ipe_addr)); 3387c478bd9Sstevel@tonic-gate bcopy((char *)&($1[1]), 3397c478bd9Sstevel@tonic-gate (char *)&($$->ipe_mask), 3407c478bd9Sstevel@tonic-gate sizeof($$->ipe_mask)); 3417c478bd9Sstevel@tonic-gate } 3427c478bd9Sstevel@tonic-gate ; 3437c478bd9Sstevel@tonic-gate 3447c478bd9Sstevel@tonic-gate addrmask: 345ab25eeb5Syz155240 ipaddr '/' mask { $$[0] = $1; $$[1] = $3; 346ab25eeb5Syz155240 yyexpectaddr = 0; 347ab25eeb5Syz155240 } 3487663b816Sml37995 | ipaddr { $$[0] = $1; 349ab25eeb5Syz155240 yyexpectaddr = 0; 3507663b816Sml37995 if (set_ipv6_addr) 3517663b816Sml37995 fill6bits(128, (u_32_t *)$$[1].in6.s6_addr); 3527663b816Sml37995 else 353ab25eeb5Syz155240 $$[1].in4.s_addr = 0xffffffff; 354ab25eeb5Syz155240 } 3557c478bd9Sstevel@tonic-gate ; 3567c478bd9Sstevel@tonic-gate 3577c478bd9Sstevel@tonic-gate ipaddr: ipv4 { $$ = $1; } 3587663b816Sml37995 | YY_NUMBER { $$.in4.s_addr = htonl($1); } 3597663b816Sml37995 | YY_IPV6 { set_ipv6_addr = 1; 3607663b816Sml37995 bcopy(&$1, &$$, sizeof($$)); 3617663b816Sml37995 yyexpectaddr = 0; } 362*9b4c7145Sjojemann | YY_STR { if (gethost($1, &$$, 0) == -1) 363ab25eeb5Syz155240 yyerror("Unknown hostname"); 364ab25eeb5Syz155240 } 3657c478bd9Sstevel@tonic-gate ; 3667c478bd9Sstevel@tonic-gate 3677663b816Sml37995 mask: YY_NUMBER { if (set_ipv6_addr) 3687663b816Sml37995 ntomask(6, $1, (u_32_t *)$$.in6.s6_addr); 3697663b816Sml37995 else 370ab25eeb5Syz155240 ntomask(4, $1, (u_32_t *)&$$.in4.s_addr); } 3717c478bd9Sstevel@tonic-gate | ipv4 { $$ = $1; } 3727c478bd9Sstevel@tonic-gate ; 3737c478bd9Sstevel@tonic-gate 374ab25eeb5Syz155240 start: '{' { yyexpectaddr = 1; } 375ab25eeb5Syz155240 ; 376ab25eeb5Syz155240 377ab25eeb5Syz155240 end: '}' { yyexpectaddr = 0; } 378ab25eeb5Syz155240 ; 379ab25eeb5Syz155240 380ab25eeb5Syz155240 next: ',' { yyexpectaddr = 1; } 381ab25eeb5Syz155240 | ';' { yyexpectaddr = 1; } 382ab25eeb5Syz155240 ; 383ab25eeb5Syz155240 3847c478bd9Sstevel@tonic-gate size: IPT_SIZE '=' YY_NUMBER { ipht.iph_size = $3; } 3857c478bd9Sstevel@tonic-gate ; 3867c478bd9Sstevel@tonic-gate 3877c478bd9Sstevel@tonic-gate seed: IPT_SEED '=' YY_NUMBER { ipht.iph_seed = $3; } 3887c478bd9Sstevel@tonic-gate ; 3897c478bd9Sstevel@tonic-gate 3907c478bd9Sstevel@tonic-gate ipv4: YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER '.' YY_NUMBER 3917c478bd9Sstevel@tonic-gate { if ($1 > 255 || $3 > 255 || $5 > 255 || $7 > 255) { 3927c478bd9Sstevel@tonic-gate yyerror("Invalid octet string for IP address"); 3937c478bd9Sstevel@tonic-gate return 0; 3947c478bd9Sstevel@tonic-gate } 3957663b816Sml37995 $$.in4.s_addr = ($1 << 24) | ($3 << 16) | ($5 << 8) | $7; 3967663b816Sml37995 $$.in4.s_addr = htonl($$.in4.s_addr); 3977c478bd9Sstevel@tonic-gate } 3987c478bd9Sstevel@tonic-gate ; 3997c478bd9Sstevel@tonic-gate %% 4007c478bd9Sstevel@tonic-gate static wordtab_t yywords[] = { 4017c478bd9Sstevel@tonic-gate { "auth", IPT_AUTH }, 4027c478bd9Sstevel@tonic-gate { "count", IPT_COUNT }, 4037c478bd9Sstevel@tonic-gate { "group", IPT_GROUP }, 4047c478bd9Sstevel@tonic-gate { "group-map", IPT_GROUPMAP }, 4057c478bd9Sstevel@tonic-gate { "hash", IPT_HASH }, 4067c478bd9Sstevel@tonic-gate { "in", IPT_IN }, 4077c478bd9Sstevel@tonic-gate { "ipf", IPT_IPF }, 4087c478bd9Sstevel@tonic-gate { "name", IPT_NAME }, 4097c478bd9Sstevel@tonic-gate { "nat", IPT_NAT }, 4107c478bd9Sstevel@tonic-gate { "number", IPT_NUM }, 4117c478bd9Sstevel@tonic-gate { "out", IPT_OUT }, 4127c478bd9Sstevel@tonic-gate { "role", IPT_ROLE }, 4137c478bd9Sstevel@tonic-gate { "seed", IPT_SEED }, 4147c478bd9Sstevel@tonic-gate { "size", IPT_SIZE }, 4157c478bd9Sstevel@tonic-gate { "table", IPT_TABLE }, 4167c478bd9Sstevel@tonic-gate { "tree", IPT_TREE }, 4177c478bd9Sstevel@tonic-gate { "type", IPT_TYPE }, 4187c478bd9Sstevel@tonic-gate { NULL, 0 } 4197c478bd9Sstevel@tonic-gate }; 4207c478bd9Sstevel@tonic-gate 4217c478bd9Sstevel@tonic-gate 4227c478bd9Sstevel@tonic-gate int ippool_parsefile(fd, filename, iocfunc) 4237c478bd9Sstevel@tonic-gate int fd; 4247c478bd9Sstevel@tonic-gate char *filename; 4257c478bd9Sstevel@tonic-gate ioctlfunc_t iocfunc; 4267c478bd9Sstevel@tonic-gate { 4277c478bd9Sstevel@tonic-gate FILE *fp = NULL; 4287c478bd9Sstevel@tonic-gate char *s; 4297c478bd9Sstevel@tonic-gate 4307c478bd9Sstevel@tonic-gate yylineNum = 1; 4317c478bd9Sstevel@tonic-gate (void) yysettab(yywords); 4327c478bd9Sstevel@tonic-gate 4337c478bd9Sstevel@tonic-gate s = getenv("YYDEBUG"); 4347c478bd9Sstevel@tonic-gate if (s) 4357c478bd9Sstevel@tonic-gate yydebug = atoi(s); 4367c478bd9Sstevel@tonic-gate else 4377c478bd9Sstevel@tonic-gate yydebug = 0; 4387c478bd9Sstevel@tonic-gate 4397c478bd9Sstevel@tonic-gate if (strcmp(filename, "-")) { 4407c478bd9Sstevel@tonic-gate fp = fopen(filename, "r"); 4417c478bd9Sstevel@tonic-gate if (!fp) { 4427c478bd9Sstevel@tonic-gate fprintf(stderr, "fopen(%s) failed: %s\n", filename, 4437c478bd9Sstevel@tonic-gate STRERROR(errno)); 4447c478bd9Sstevel@tonic-gate return -1; 4457c478bd9Sstevel@tonic-gate } 4467c478bd9Sstevel@tonic-gate } else 4477c478bd9Sstevel@tonic-gate fp = stdin; 4487c478bd9Sstevel@tonic-gate 4497c478bd9Sstevel@tonic-gate while (ippool_parsesome(fd, fp, iocfunc) == 1) 4507c478bd9Sstevel@tonic-gate ; 4517c478bd9Sstevel@tonic-gate if (fp != NULL) 4527c478bd9Sstevel@tonic-gate fclose(fp); 4537c478bd9Sstevel@tonic-gate return 0; 4547c478bd9Sstevel@tonic-gate } 4557c478bd9Sstevel@tonic-gate 4567c478bd9Sstevel@tonic-gate 4577c478bd9Sstevel@tonic-gate int ippool_parsesome(fd, fp, iocfunc) 4587c478bd9Sstevel@tonic-gate int fd; 4597c478bd9Sstevel@tonic-gate FILE *fp; 4607c478bd9Sstevel@tonic-gate ioctlfunc_t iocfunc; 4617c478bd9Sstevel@tonic-gate { 4627c478bd9Sstevel@tonic-gate char *s; 4637c478bd9Sstevel@tonic-gate int i; 4647c478bd9Sstevel@tonic-gate 4657c478bd9Sstevel@tonic-gate poolioctl = iocfunc; 4667c478bd9Sstevel@tonic-gate 4677c478bd9Sstevel@tonic-gate if (feof(fp)) 4687c478bd9Sstevel@tonic-gate return 0; 4697c478bd9Sstevel@tonic-gate i = fgetc(fp); 4707c478bd9Sstevel@tonic-gate if (i == EOF) 4717c478bd9Sstevel@tonic-gate return 0; 4727c478bd9Sstevel@tonic-gate if (ungetc(i, fp) == EOF) 4737c478bd9Sstevel@tonic-gate return 0; 4747c478bd9Sstevel@tonic-gate if (feof(fp)) 4757c478bd9Sstevel@tonic-gate return 0; 4767c478bd9Sstevel@tonic-gate s = getenv("YYDEBUG"); 4777c478bd9Sstevel@tonic-gate if (s) 4787c478bd9Sstevel@tonic-gate yydebug = atoi(s); 4797c478bd9Sstevel@tonic-gate else 4807c478bd9Sstevel@tonic-gate yydebug = 0; 4817c478bd9Sstevel@tonic-gate 4827c478bd9Sstevel@tonic-gate yyin = fp; 4837c478bd9Sstevel@tonic-gate yyparse(); 4847c478bd9Sstevel@tonic-gate return 1; 4857c478bd9Sstevel@tonic-gate } 486